While many organisations are looking for a “silver bullet” solution against ransomware threats, the fact is that there is no single solution to prevent an attack. This paper outlines three critical steps to help you implement a defence-in-depth security approach. With multiple layers of proactive and reactive measures in place you can prepare for, detect and mitigate future ransomware attacks.

According to the FBI, there were an average of 4,000 ransomware attacks per day in 20161, representing a 300 percent increase from 2015. The FBI expects ransomware payments for 2016 to hit $1 billion.2

The WannaCry ransomware threat that struck in May, 2017 is a prime example of how hackers are multiplying efforts and sharpening their skills. In malware attacks like WannaCry, cybercriminals gain access to systems, encrypt critical data and hold the encryption key and data hostage, demanding payment that will unlock it and enable the victimised organisations to restore operations. However, the exchange isn’t guaranteed, as some organisations paid the ransom but never received the key.

“Ransomware attacks wake organisations from their complacency about cybercrime, prompting investments in tighter perimeter defences and a sharper focus on how they protect their data.”

- Jeff Lanza, Retired FBI Special Agent and Cybersecurity Expert

1FBI ransomware facts 2015 and 2016 https://www.fbi.gov/file-repository/ransomware-prevention-and-response-for-cisos.pdf/view
2FBI cited as source for billion-dollar cost in 2016 http://www.nbcnews.com/tech/security/ransomware-now-billion-dollar-year-crime-growing-n704646